HTTPS POST support in Orion Advanced Alert action

Greetings;

I've been doing a fair amount of research trying to figure out a reliable, supportable method for sending Orion advanced alert data to an incident management system using HTTPS.

The requirements for this are relatively simple:

1. Process alert notification as an HTTPS call to an external incident management system; passing substituted values for common NPM and SAM variables.

2. Receive and record a response from the incident management system in the form of an incident ID, and store it where it can be available to the original Orion alert (like in the annotations field or in a variable that can be substituted back into the alert text).

The product documentation suggests that an HTTP POST operation is available for this purpose, but we need to authenticate with the remote incident management system (over the internet) and send our event data via HTTPS if possible.

Wouldn't it be grand if the "Advanced Alert Manager" was advanced enough to perform actions like this without bolting on clunky middleware bits like cURL in order to perform authentication and send in various formats?

Perspiring Minds need to know this is in the works!

Find more posts tagged with

advanced_alert

https_post

https_alerts

advanced_alert_manager

https_alert

Status: None

Comments

sja

Sound fair ....

The only problem that somehow it will break every time you upgrate npm ....

sorry that i'm so pessimistic ...

ctmidnight

Perhaps, but it's not any more prone to failure than the fifty million database hacks folks have to do in Orion so it'll perform all the tasks we need it to do in the real world.

I'm surprised that they have not added more secure (HTTPS) method support to the alert action option list... It could be easily done and provide huge interoperability value.

ctmidnight

Thanks for your comments... This need has become so urgent in our shop that it may actually cause our management to replace the SolarWinds tools if they cannot support this simple bit of functionality.

Our customers have been waiting for us to migrate to this new incident / change management system with integrated CMDB, and they have been promised that our existing email-based auto-ticket generating method will switch to using the new system's API.

For this to happen; we HAVE to be able to open a secure connection to the incident system's web service (an internet address) and authenticate to create/query/update/resolve the tickets.

kasmith

Before I left my last job, I implemented exactly this. I used a Powershell Script Action, passed in the variables needed to create a ticket, and then did the HTTPS post from the Powershell Script. Worked reliably and effectively.

ctmidnight

Here is the excerpt from the NPM 11.5 Admin Guide (Page 407), explaining the use of the GET or POST URL functions as automatic actions.

Besides the aforementioned absence of HTTPS support; what else is wrong with this statement?:

Using Get or Post URL Functions

"SolarWinds can be configured to communicate alerts using HTTP GET or POST

functions. As an example, a URL may be used as an interface into a trouble ticket

system, and, by correctly formatting the GET function, new trouble tickets may be

created automatically."